ASB-A-169255797

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-169255797.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-169255797
Aliases
  • A-169255797
  • CVE-2021-0478
Published
2021-06-01T00:00:00Z
Modified
2024-08-07T19:30:17.510437Z
Summary
App can remain foreground without showing notification to user (even by Android system) and can bypass one time permissions
Details

In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
8.1:0
Fixed
8.1:2021-06-05

Affected versions

8.*

8.1

Ecosystem specific

{
    "vanir_signatures": [
        {
            "match_only_versions": [
                "8.1"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "42020041142383304235704306891537256141",
                    "289934566830103813684344594208716515753",
                    "294823526023680949263775857811810283566",
                    "58840809258217128192670445423050767198",
                    "114505818128068924874392892140143823310",
                    "200823653085316894711538114895378009509",
                    "116627824074158765931383902233516993180"
                ]
            },
            "id": "ASB-A-169255797-273d510b",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/5791303c20964bcf83eb1a046f3ce256e10d43c6",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 603.0,
                "function_hash": "238518792499284688356094374625581676253"
            },
            "id": "ASB-A-169255797-acc20021",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/8875da5207678f41b6ec90800d1bf2d03327bd05",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java",
                "function": "updateDrawable"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 442.0,
                "function_hash": "230009974099059748614225976415562516999"
            },
            "id": "ASB-A-169255797-b027e0f8",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/5791303c20964bcf83eb1a046f3ce256e10d43c6",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java",
                "function": "updateDrawable"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "209994878309430805395706290204032689098",
                    "125461065251237585907190888088422299913",
                    "224624817943320447785708540466415237733",
                    "71208829877305823311535501649155661884",
                    "206844852653315512871748239391478303695",
                    "264794641393320405473911995224949025240",
                    "229794932618266376197057428186312067384",
                    "9888884701803256020115703459151666033",
                    "248118567324138200637685791802372116318",
                    "176566262648722621492230475312950332568",
                    "73147827167205304033947538896651956086",
                    "157528758180396483875238243954832899485",
                    "115818958425564811982751823721669419214",
                    "2408185724002910366505306683815659384"
                ]
            },
            "id": "ASB-A-169255797-bc473c40",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/8875da5207678f41b6ec90800d1bf2d03327bd05",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/5791303c20964bcf83eb1a046f3ce256e10d43c6",
        "https://android.googlesource.com/platform/frameworks/base/+/8875da5207678f41b6ec90800d1bf2d03327bd05"
    ],
    "spl": "2021-06-05",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
9:0
Fixed
9:2021-06-05

Affected versions

Other

9

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 442.0,
                "function_hash": "230009974099059748614225976415562516999"
            },
            "id": "ASB-A-169255797-84402102",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/c508aed10f739352a7bbf005dea2cb672e74b1ee",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java",
                "function": "updateDrawable"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 603.0,
                "function_hash": "238518792499284688356094374625581676253"
            },
            "id": "ASB-A-169255797-8542a610",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/00b65a29631032fb3d7710f5c5a13d0a15fdda5d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java",
                "function": "updateDrawable"
            },
            "signature_type": "Function"
        },
        {
            "match_only_versions": [
                "9"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "42020041142383304235704306891537256141",
                    "289934566830103813684344594208716515753",
                    "294823526023680949263775857811810283566",
                    "58840809258217128192670445423050767198",
                    "114505818128068924874392892140143823310",
                    "200823653085316894711538114895378009509",
                    "116627824074158765931383902233516993180"
                ]
            },
            "id": "ASB-A-169255797-bbb44a04",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/c508aed10f739352a7bbf005dea2cb672e74b1ee",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "167682451478170391322088494545066908104",
                    "125461065251237585907190888088422299913",
                    "224624817943320447785708540466415237733",
                    "71208829877305823311535501649155661884",
                    "206844852653315512871748239391478303695",
                    "264794641393320405473911995224949025240",
                    "229794932618266376197057428186312067384",
                    "9888884701803256020115703459151666033",
                    "248118567324138200637685791802372116318",
                    "176566262648722621492230475312950332568",
                    "73147827167205304033947538896651956086",
                    "157528758180396483875238243954832899485",
                    "115818958425564811982751823721669419214",
                    "2408185724002910366505306683815659384"
                ]
            },
            "id": "ASB-A-169255797-eca68dca",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/00b65a29631032fb3d7710f5c5a13d0a15fdda5d",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/c508aed10f739352a7bbf005dea2cb672e74b1ee",
        "https://android.googlesource.com/platform/frameworks/base/+/00b65a29631032fb3d7710f5c5a13d0a15fdda5d"
    ],
    "spl": "2021-06-05",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2021-06-05

Affected versions

Other

10

Ecosystem specific

{
    "vanir_signatures": [
        {
            "match_only_versions": [
                "10"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "42020041142383304235704306891537256141",
                    "289934566830103813684344594208716515753",
                    "294823526023680949263775857811810283566",
                    "58840809258217128192670445423050767198",
                    "114505818128068924874392892140143823310",
                    "200823653085316894711538114895378009509",
                    "116627824074158765931383902233516993180"
                ]
            },
            "id": "ASB-A-169255797-4d060390",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/46ada71fbcb36c624ff29a3cd734775bc4853e6a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "167682451478170391322088494545066908104",
                    "125461065251237585907190888088422299913",
                    "224624817943320447785708540466415237733",
                    "71208829877305823311535501649155661884",
                    "206844852653315512871748239391478303695",
                    "264794641393320405473911995224949025240",
                    "229794932618266376197057428186312067384",
                    "9888884701803256020115703459151666033",
                    "248118567324138200637685791802372116318",
                    "176566262648722621492230475312950332568",
                    "73147827167205304033947538896651956086",
                    "157528758180396483875238243954832899485",
                    "115818958425564811982751823721669419214",
                    "2408185724002910366505306683815659384"
                ]
            },
            "id": "ASB-A-169255797-70562fff",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/92106a58df860553ecab2adb8a6e60e53a8a31e0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 603.0,
                "function_hash": "238518792499284688356094374625581676253"
            },
            "id": "ASB-A-169255797-fa2319a1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/92106a58df860553ecab2adb8a6e60e53a8a31e0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java",
                "function": "updateDrawable"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 442.0,
                "function_hash": "230009974099059748614225976415562516999"
            },
            "id": "ASB-A-169255797-fecc3ae0",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/46ada71fbcb36c624ff29a3cd734775bc4853e6a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java",
                "function": "updateDrawable"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/46ada71fbcb36c624ff29a3cd734775bc4853e6a",
        "https://android.googlesource.com/platform/frameworks/base/+/92106a58df860553ecab2adb8a6e60e53a8a31e0"
    ],
    "spl": "2021-06-05",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2021-06-05

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "match_only_versions": [
                "11"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "42020041142383304235704306891537256141",
                    "289934566830103813684344594208716515753",
                    "294823526023680949263775857811810283566",
                    "58840809258217128192670445423050767198",
                    "114505818128068924874392892140143823310",
                    "200823653085316894711538114895378009509",
                    "116627824074158765931383902233516993180"
                ]
            },
            "id": "ASB-A-169255797-25712e80",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/def75584a3f1a375685f1520fe5df506e8dcfa77",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 603.0,
                "function_hash": "238518792499284688356094374625581676253"
            },
            "id": "ASB-A-169255797-4f41ae06",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/001d4e68bbebc14132a13b21c38c5fb6af9034a3",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java",
                "function": "updateDrawable"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "167682451478170391322088494545066908104",
                    "125461065251237585907190888088422299913",
                    "224624817943320447785708540466415237733",
                    "71208829877305823311535501649155661884",
                    "206844852653315512871748239391478303695",
                    "264794641393320405473911995224949025240",
                    "229794932618266376197057428186312067384",
                    "9888884701803256020115703459151666033",
                    "248118567324138200637685791802372116318",
                    "176566262648722621492230475312950332568",
                    "73147827167205304033947538896651956086",
                    "157528758180396483875238243954832899485",
                    "115818958425564811982751823721669419214",
                    "2408185724002910366505306683815659384"
                ]
            },
            "id": "ASB-A-169255797-768f5d7a",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/001d4e68bbebc14132a13b21c38c5fb6af9034a3",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 442.0,
                "function_hash": "230009974099059748614225976415562516999"
            },
            "id": "ASB-A-169255797-ac41a920",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/def75584a3f1a375685f1520fe5df506e8dcfa77",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java",
                "function": "updateDrawable"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/def75584a3f1a375685f1520fe5df506e8dcfa77",
        "https://android.googlesource.com/platform/frameworks/base/+/001d4e68bbebc14132a13b21c38c5fb6af9034a3"
    ],
    "spl": "2021-06-05",
    "severity": "High",
    "types": [
        "EoP"
    ]
}